package com.ruoyi.framework.extendsions.security.token;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.Assert;

import java.util.Collection;

/**
 * 短信登录 token 参考UsernamePasswordAuthenticationToken
 */

public class SmsCodeAuthenticationToken extends AbstractAuthenticationToken {
    private final Object principal;   // 手机号 或 认证后为 UserDetails

    // 未认证构造（登录请求用）
    public SmsCodeAuthenticationToken(Object principal) {
        super(null);
        this.principal = principal;
        setAuthenticated(false);
    }

    // 已认证构造（Provider 返回）
    public SmsCodeAuthenticationToken(Object principal, Collection<? extends GrantedAuthority> authorities) {
        super(authorities);
        this.principal = principal;
        super.setAuthenticated(true);
    }

    @Override
    public Object getCredentials() {
        return null;
    }

    @Override
    public Object getPrincipal() {
        return principal;
    }

    @Override
    public void eraseCredentials() {
        super.eraseCredentials();
    }
}
